exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Ramella Sebastien

First Active2019-07-15
Last Active2022-06-07
Microsoft Office Word MSDTJS Code Execution
Posted Jun 7, 2022
Authored by Ramella Sebastien, nao sec | Site metasploit.com

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code.

tags | exploit, remote
advisories | CVE-2022-30190
SHA-256 | dfd70a501deb66860bda3d2c8fb70eb21aec791b445093014e637e57d9f6c39c
Microsoft Office Word MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by LockedByte, Ramella Sebastien, thesunRider, klezVirus | Site metasploit.com

This Metasploit module creates a malicious docx file that when opened in Word on a vulnerable Windows system will lead to code execution. This vulnerability exists because an attacker can craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.

tags | exploit, code execution, activex
systems | windows
advisories | CVE-2021-40444
SHA-256 | fcc3f4d138a7fb7352da3e6cb2038a1b4776153656e84bcdef4857dab28eac23
Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution
Posted Oct 25, 2021
Authored by Dhiraj Mishra, Ramella Sebastien, Ash Daulton | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).

tags | exploit, remote, arbitrary, cgi, root, code execution
advisories | CVE-2021-41773, CVE-2021-42013
SHA-256 | a75779abdd3a9f2a319a34c0efbba4f95b420f39624081c3a13752641b7c8d6d
Microsoft Exchange ProxyShell Remote Code Execution
Posted Aug 20, 2021
Authored by Spencer McIntyre, Orange Tsai, wvu, Ramella Sebastien, Jang, PeterJson, brandonshi123 | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 versions before 15.0.1497.15, Exchange 2016 CU19 versions before 15.1.2176.12, Exchange 2016 CU20 versions before 15.1.2242.5, Exchange 2019 CU8 versions before 15.2.792.13, and Exchange 2019 CU9 versions before 15.2.858.9.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-31207, CVE-2021-34473, CVE-2021-34523
SHA-256 | b555cd3b9862ec567195ff3003e6dc453483630a7c663ee17d582778c11dbf59
Microsoft Exchange ProxyLogon Collector
Posted May 21, 2021
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin by chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution. As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server. This vulnerability affects Exchange 2013 versions below 15.00.1497.012, Exchange 2016 CU18 below 15.01.2106.013, Exchange 2016 CU19 below 15.01.2176.009, Exchange 2019 CU7 below 15.02.0721.013, and Exchange 2019 CU8 below 15.02.0792.010 . All components are vulnerable by default.

tags | exploit, arbitrary, code execution, info disclosure
advisories | CVE-2021-26855, CVE-2021-27065
SHA-256 | 585a4badc4bc32954c170e5f8283ee5e2c9ceb31c4f0aab20e24dc5c6ff31912
Citrix ADC NetScaler Local File Inclusion
Posted Nov 13, 2020
Authored by Donny Maasland, Ramella Sebastien | Site metasploit.com

This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.

tags | exploit, local, file inclusion
advisories | CVE-2020-8193, CVE-2020-8195, CVE-2020-8196
SHA-256 | 70dc89253162a6b119c3d606f6c3f8993ac2cf75090d967905fead6d2ddd4d90
Centreon 19.10.5 Pollers Remote Command Execution
Posted Feb 4, 2020
Authored by Ramella Sebastien, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a Centreon version 19.10.5 Pollers remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 3823f489d80ba96f9daa51e9c9ad49970827297fc04995a65e690613f8eb0684
Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution
Posted Jan 14, 2020
Authored by Ramella Sebastien, Project Zero India | Site metasploit.com

This Metasploit module exploits a directory traversal in Citrix Application Delivery Controller (ADC), aka NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload.

tags | exploit, arbitrary
advisories | CVE-2019-19781
SHA-256 | 0f0c8e65ca7fee56037d7ddffc1e77aeffb0987b8111f2b772dbffe0b1b1fb89
Citrix Application Delivery Controller / Gateway 10.5 Remote Code Execution
Posted Jan 13, 2020
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Citrix Application Delivery Controller and Gateway version 10.5.

tags | exploit, remote, code execution
advisories | CVE-2019-19781
SHA-256 | bec68a9167966887bfc41632126f3582e09608bebf23999be1ca53bae2414759
Microsoft Windows RDP BlueKeep Denial Of Service
Posted Jul 15, 2019
Authored by Ramella Sebastien

Microsoft Windows Remote Desktop BlueKeep denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
advisories | CVE-2019-0708
SHA-256 | fd14625fe2ae16af44ddb6f7a27ab38b1fdc86ac051a831939a1eb569a859ea5
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close